US2025315544A1PendingUtilityA1

Systems and methods for encrypting parameters of a large language model

76
Assignee: CONSTRUCTOR TECH AGPriority: Apr 5, 2024Filed: Apr 4, 2025Published: Oct 9, 2025
Est. expiryApr 5, 2044(~17.7 yrs left)· nominal 20-yr term from priority
G06F 21/6245G06N 3/084G06F 17/16H04L 9/0819H04L 9/14G06F 21/6218G06N 20/00G06F 21/6227H04L 9/008G06F 2221/2141H04L 9/3213G06F 21/602H04L 63/0478
76
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A system receives a training dataset for the LLM that includes confidential data, wherein the LLM comprises preset parameters. The system trains the LLM using the training dataset, including: identifying one or more parameters changed during the training, and encrypting the changed parameters. The system receives an input query for the LLM from a user. The system determines if the user has access rights to the confidential data. In response to determining that the user has the access rights to the confidential data, the system decrypts the encrypted changed parameters of the LLM, and performs an LLM inference using the decrypted changed parameters. In response to determining that the user does not have the access rights to the confidential data, the system performs the LLM inference with the preset parameters without decrypting the encrypted changed parameters.

Claims

exact text as granted — not AI-modified
1 . A method for secure deployment of a Large Language Model (LLM), comprising:
 receiving a training dataset for the LLM that includes confidential data, wherein the LLM comprises preset parameters;   training the LLM using the training dataset, including: identifying one or more parameters changed during the training, and encrypting the changed parameters;   receiving an input query for the LLM from a user;   determining if the user has access rights to the confidential data;   in response to determining that the user has the access rights to the confidential data, decrypting the encrypted changed parameters of the LLM, and performing an LLM inference using the decrypted changed parameters; and   in response to determining that the user does not have the access rights to the confidential data, performing the LLM inference with the preset parameters without decrypting the encrypted changed parameters.   
     
     
         2 . The method of  claim 1 , wherein encrypting the changed parameters includes encrypting at least one layer comprising the changed parameters. 
     
     
         3 . The method of  claim 1 , wherein encrypting the changed parameters comprises encrypting a difference between a first state of the changed parameters prior to the training and a second state of the changed parameters after the training. 
     
     
         4 . The method of  claim 3 , wherein performing the LLM inference using the decrypted changed parameters comprises decrypting the difference and applying the decrypted difference to the first state of the changed parameters to determine the second state of the changed parameters. 
     
     
         5 . The method of  claim 3 , wherein the first state of the changed parameters is the preset parameters. 
     
     
         6 . The method of  claim 3 , further comprising:
 determining if a value of the difference between the changed parameters and prior parameters is less than a threshold amount, and   in response to determining that the value of the difference is less than the threshold amount, reverting the changed parameters such that the changed parameters return to a state prior to the training with the training dataset, and not encrypting the changed parameters.   
     
     
         7 . The method of  claim 1 , wherein the changed parameters comprise weights and/or biases. 
     
     
         8 . The method of  claim 1 , wherein the LLM is a 1-bit large language model (LLM). 
     
     
         9 . The method of  claim 1 , wherein the preset parameters are encrypted by a general encryption scheme. 
     
     
         10 . The method of  claim 1 , wherein the user has the access rights to the confidential data when the user possesses a private encryption key for decrypting the encrypted parameters. 
     
     
         11 . The method of  claim 10 , wherein a first output value without private information is generated by the LLM when a user input query for the LLM inference is not provided with the private encryption key, and a second output value comprising the private information is generated by the LLM when the user input query is provided with the private encryption key. 
     
     
         12 . The method of  claim 11 , wherein the user is provided with one or more encryption keys based on a level of access to the confidential data such that all of the one or more encryption keys are needed to access all of the confidential data. 
     
     
         13 . The method of  claim 1 , wherein associated parameters of each of one or more layers of the LLM is encrypted by a different encryption key. 
     
     
         14 . A system for secure deployment of a Large Language Model (LLM), comprising:
 at least one memory; and   at least one hardware processor coupled with the at least one memory and configured, individually or in combination, to:
 receive a training dataset for the LLM that includes confidential data, wherein the LLM comprises preset parameters; 
 train the LLM using the training dataset, including: identifying one or more parameters changed during the training, and encrypting the changed parameters; 
 receive an input query for the LLM from a user; 
 determine if the user has access rights to the confidential data; 
 in response to determining that the user has the access rights to the confidential data, decrypt the encrypted changed parameters of the LLM, and perform an LLM inference using the decrypted changed parameters; and 
 in response to determining that the user does not have the access rights to the confidential data, perform the LLM inference with the preset parameters without decrypting the encrypted changed parameters. 
   
     
     
         15 . The system of  claim 14 , wherein the at least one hardware processor is configured to encrypt the changed parameters by encrypting at least one layer comprising the changed parameters. 
     
     
         16 . The system of  claim 14 , wherein the at least one hardware processor is configured to encrypt the changed parameters by encrypting a difference between a first state of the changed parameters prior to the training and a second state of the changed parameters after the training. 
     
     
         17 . The system of  claim 16 , wherein the at least one hardware processor is configured to perform the LLM inference using the decrypted changed parameters by decrypting the difference and applying the decrypted difference to the first state of the changed parameters to determine the second state of the changed parameters. 
     
     
         18 . The system of  claim 16 , wherein the first state of the changed parameters is the preset parameters. 
     
     
         19 . The system of  claim 16 , wherein the at least one hardware processor is configured to:
 determine if a value of the difference between the changed parameters and prior parameters is less than a threshold amount, and   in response to determining that the value of the difference is less than the threshold amount, revert the changed parameters such that the changed parameters return to a state prior to the training with the training dataset, and not encrypt the changed parameters.   
     
     
         20 . A non-transitory computer readable medium storing thereon computer executable instructions for secure deployment of a Large Language Model (LLM), including instructions for:
 receiving a training dataset for the LLM that includes confidential data, wherein the LLM comprises preset parameters;   training the LLM using the training dataset, including: identifying one or more parameters changed during the training, and encrypting the changed parameters;   receiving an input query for the LLM from a user;   determining if the user has access rights to the confidential data;   in response to determining that the user has the access rights to the confidential data, decrypting the encrypted changed parameters of the LLM, and performing an LLM inference using the decrypted changed parameters; and   in response to determining that the user does not have the access rights to the confidential data, performing the LLM inference with the preset parameters without decrypting the encrypted changed parameters.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.